2016-12-08 22:54:26 +0000 -------------------------------------------------------------------------------- ENV: --- CPLUS_INCLUDE_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/include" LESS_TERMCAP_mb: "\e[01;31m" HOSTNAME: ip-172-31-27-206 LESS_TERMCAP_md: "\e[01;38;5;208m" GEM_HOME: "/home/ec2-user/arachni-2.0dev-1.0dev/system/gems" LESS_TERMCAP_me: "\e[0m" SHELL: "/bin/bash" TERM: xterm HISTSIZE: '1000' IRBRC: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib/ruby/.irbrc" SSH_CLIENT: 65.204.211.10 38493 22 EC2_AMITOOL_HOME: "/opt/aws/amitools/ec2" LIBRARY_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib:/usr/lib:/usr/local/lib" MY_RUBY_HOME: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib/ruby" LESS_TERMCAP_ue: "\e[0m" SSH_TTY: "/dev/pts/0" USER: ec2-user LD_LIBRARY_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib:/usr/lib:/usr/local/lib" LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:' EC2_HOME: "/opt/aws/apitools/ec2" LESS_TERMCAP_us: "\e[04;38;5;111m" FONTCONFIG_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/home/arachni/.fonts" PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bin:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/../bin:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/bin:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/gems/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/opt/aws/bin:/home/ec2-user/.local/bin:/home/ec2-user/bin" MAIL: "/var/spool/mail/ec2-user" C_INCLUDE_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/include" PWD: "/home/ec2-user/arachni-2.0dev-1.0dev" JAVA_HOME: "/usr/lib/jvm/jre" ARACHNI_WEBUI_LOGDIR: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/logs/webui" AWS_CLOUDWATCH_HOME: "/opt/aws/apitools/mon" LANG: en_US.UTF-8 ARACHNI_FRAMEWORK_LOGDIR: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/logs/framework" HISTCONTROL: ignoredups HOME: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/home/arachni" SHLVL: '1' RAILS_ENV: production AWS_PATH: "/opt/aws" AWS_AUTO_SCALING_HOME: "/opt/aws/apitools/as" LOGNAME: ec2-user GEM_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/gems" SSH_CONNECTION: 65.204.211.10 38493 172.31.27.206 22 AWS_ELB_HOME: "/opt/aws/apitools/elb" LESSOPEN: "||/usr/bin/lesspipe.sh %s" RUBYLIB: "/home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/bundler-1.13.6/lib:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib/ruby:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib/ruby/2.2.0:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib/ruby/2.2.0/i686-linux:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/lib/ruby/site_ruby/2.2.0/i686-linux" RUBY_VERSION: ruby-2.2.3 LESS_TERMCAP_se: "\e[0m" RACK_ENV: development BUNDLE_GEMFILE: "/home/ec2-user/arachni-2.0dev-1.0dev/system/arachni-ui-web/Gemfile" BUNDLER_ORIG_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/../bin:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/usr/bin:/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/gems/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/opt/aws/bin:/home/ec2-user/.local/bin:/home/ec2-user/bin" BUNDLER_ORIG_GEM_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/bin/../system/gems" BUNDLE_BIN_PATH: "/home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/bundler-1.13.6/exe/bundle" BUNDLER_VERSION: 1.13.6 RUBYOPT: "-rbundler/setup" MANPATH: "/home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/kramdown-1.4.1/man" BUNDLER_ORIG_MANPATH: "/home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/kramdown-1.4.1/man" -------------------------------------------------------------------------------- OPTIONS: --- session: {} http: user_agent: Arachni/v2.0dev request_timeout: 20000 request_redirect_limit: 5 request_concurrency: 20 request_queue_size: 100 request_headers: {} response_max_size: 2000000 cookies: {} authentication_type: auto authentication_username: "*****" authentication_password: "*****" browser_cluster: local_storage: {} wait_for_elements: {} pool_size: 6 job_timeout: 25 worker_time_to_live: 100 ignore_images: false screen_width: 1600 screen_height: 1200 scope: redundant_path_patterns: {} dom_depth_limit: 10 exclude_file_extensions: [] exclude_path_patterns: [] exclude_content_patterns: [] include_path_patterns: [] restrict_paths: [] extend_paths: [] url_rewrites: {} directory_depth_limit: 20 include_subdomains: true exclude_binaries: false https_only: false datastore: token: c6b41396620617fef079820427ba7770 audit: parameter_values: true exclude_vector_patterns: [] include_vector_patterns: [] link_templates: [] links: true forms: true cookies: true headers: true with_both_http_methods: true cookies_extensively: false jsons: true xmls: true ui_forms: true ui_inputs: true input: values: "(?i-mx:userLogin)": ada "(?i-mx:password)": "(?i-mx:txt)": arachni_text "(?i-mx:num)": '132' "(?i-mx:amount)": '100' "(?i-mx:mail)": arachni@email.gr "(?i-mx:account)": '12' "(?i-mx:id)": '1' default_values: name: arachni_name user: arachni_user usr: arachni_user pass: 5543!%arachni_secret txt: arachni_text num: '132' amount: '100' mail: arachni@email.gr account: '12' id: '1' without_defaults: true force: false checks: - code_injection - code_injection_php_input_wrapper - code_injection_timing - csrf - file_inclusion - ldap_injection - no_sql_injection - no_sql_injection_differential - os_cmd_injection - os_cmd_injection_timing - path_traversal - response_splitting - rfi - session_fixation - source_code_disclosure - trainer - unvalidated_redirect - unvalidated_redirect_dom - xpath_injection - xss - xss_dom - xss_dom_script_context - xss_event - xss_path - xss_script_context - xss_tag - xxe - allowed_methods - backdoors - backup_directories - backup_files - captcha - common_admin_interfaces - common_directories - common_files - cookie_set_for_parent_domain - cvs_svn_users - directory_listing - emails - form_upload - hsts - htaccess_limit - html_objects - http_only_cookies - http_put - insecure_client_access_policy - insecure_cookies - insecure_cors_policy - insecure_cross_domain_policy_access - insecure_cross_domain_policy_headers - interesting_responses - localstart_asp - mixed_resource - origin_spoof_access_restriction_bypass - password_autocomplete - private_ip - unencrypted_password_forms - x_frame_options - xst platforms: [] plugins: autothrottle: discovery: email_notify: to: geoff.tarcha@schneider-electric.com cc: '' bcc: '' from: geoff.tarcha@schneider-electric.com server_address: email-smtp.us-west-2.amazonaws.com server_port: '587' tls: 'on' username: "*******" password: "*******" domain: localhost.localdomain authentication: '' report: xml healthmap: timing_attacks: uncommon_headers: uniformity: waf_detector: precision: '5' no_fingerprinting: false authorized_by: url: https://portal-test.modeler.gy/ -------------------------------------------------------------------------------- [2016-12-08 22:54:26 +0000] [Errno::ECONNREFUSED] Connection refused - connect(2) for "127.0.0.1" port 17587 [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `initialize' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `open' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `block in connect' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/timeout.rb:88:in `block in timeout' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/timeout.rb:98:in `call' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/timeout.rb:98:in `timeout' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/net/http.rb:878:in `connect' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/net/http.rb:863:in `do_start' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/net/http.rb:852:in `start' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/net/http.rb:1375:in `request' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:103:in `response_for' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:57:in `request' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/common.rb:59:in `call' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:653:in `raw_execute' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:124:in `create_session' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:88:in `initialize' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in `new' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in `for' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver.rb:82:in `for' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser.rb:1097:in `selenium' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser.rb:1325:in `start_webdriver' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser.rb:187:in `initialize' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser_cluster/worker.rb:51:in `initialize' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser_cluster.rb:495:in `new' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser_cluster.rb:495:in `block in initialize_workers' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser_cluster.rb:494:in `times' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser_cluster.rb:494:in `initialize_workers' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/browser_cluster.rb:112:in `initialize' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/framework/parts/browser.rb:33:in `new' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/framework/parts/browser.rb:33:in `block in browser_cluster' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/usr/lib/ruby/2.2.0/monitor.rb:211:in `mon_synchronize' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/framework/parts/browser.rb:28:in `browser_cluster' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/framework/parts/audit.rb:173:in `audit' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/framework.rb:117:in `block in run' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/utilities.rb:425:in `call' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/utilities.rb:425:in `exception_jail' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/framework.rb:117:in `run' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/rpc/server/framework.rb:156:in `block in run' [2016-12-08 22:54:26 +0000] [2016-12-08 22:54:26 +0000] Parent: [2016-12-08 22:54:26 +0000] Arachni::RPC::Server::Framework [2016-12-08 22:54:26 +0000] [2016-12-08 22:54:26 +0000] Block: [2016-12-08 22:54:26 +0000] # [2016-12-08 22:54:26 +0000] [2016-12-08 22:54:26 +0000] Caller: [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/utilities.rb:425:in `exception_jail' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/framework.rb:117:in `run' [2016-12-08 22:54:26 +0000] /home/ec2-user/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-fb74ae35ae08/lib/arachni/rpc/server/framework.rb:156:in `block in run' [2016-12-08 22:54:26 +0000] --------------------------------------------------------------------------------